Legal claims defining the scope of protection, as filed with the USPTO.
1. A method performed by a source node of an ad-hoc network cluster, comprising: sending, by a processor via a communication interface coupled to the processor, an ad-hoc route request to a manager node of the network cluster, the ad-hoc route request comprising one or more routing conditions associated with a particular resource, the one or more routing conditions defining one or more minimum characteristics of any router nodes in a routing path between the source node and a destination node coupled to the particular resource; receiving, by the processor via the communication interface, a proposed routing path from the manager node, the proposed routing path comprising an identification of one or more routing nodes in a communication path from the source node to the destination node where the particular resource may be accessed, each of the one or more routing nodes meeting or exceeding the one or more routing conditions; sending, by the processor via the communication interface, a route validation message to the destination node via the one or more routing nodes identified in the proposed routing path; receiving, by the processor via the communication interface, a response message from the destination node via the one or more routing nodes identified in the proposed routing path, the response message cryptographically signed by each of the one or more routing nodes identified in the proposed routing path; verifying, by the processor, that the response message was cryptographically signed by each of the one or more routing nodes identified in the proposed routing path; and sending or receiving, by the processor via the communication interface, a traffic stream to/from the particular destination node via the one or more routing nodes identified in the proposed routing path when the response message was cryptographically signed by each of the one or more routing nodes identified in the proposed routing path.
2. The method of claim 1, wherein the proposed routing path from the manager node is determined by comparing the one or more routing conditions to one or more performance metrics of routing nodes in the network cluster.
3. The method of claim 1, further comprising: sending, by the processor via the communication interface, an authorization request for the source node to access the particular resource; and in response to sending the authorization request, receiving, by the processor via the communication interface, an authorization event associated with the particular resource from a blockchain authorization network, the authorization event comprising the one or more routing conditions required for each routing node to forward the traffic stream related to the particular resource.
4. A method, performed by a manager node of a network cluster, comprising: receiving, by a processor of the manager node via a communication interface coupled to the processor, a route request message from a source node of the network cluster; determining, by the processor, a proposed routing path between the source node and a particular destination node based on a comparison of one or more routing node performance metrics stored on an information storage device coupled to the processor and the one or more routing conditions; and sending, by the processor via the communication interface, the proposed routing path to the source node for verification of the proposed routing path.
5. The method of claim 4, wherein the route request message comprises the one or more routing conditions.
6. The method of claim 4, wherein the route request message comprises an identification of the particular resource, the method further comprising: retrieving, by the processor via the communication interface, an authorization event from a blockchain authorization network, the authorization event comprising one or more conditions for accessing the particular resource, the one or more conditions comprising the one or more routing conditions.
7. The method of claim 6, wherein the authorization event further comprises an identification of the particular destination node.
8. The method of claim 4, further comprising: tracking, by the processor, one or more performance metrics associated with routing nodes in the network cluster; storing, by the processor, the one or more performance metrics in the information storage device in association with the routing nodes in the network cluster, respectively; and sending, by the processor, a routing node information proposal, the routing node information proposal comprising a request to validate the one or more performance metrics stored in the information storage device by a routing blockchain network; receiving, by the processor, one or more validated performance metrics associated with the routing nodes in the network cluster from a cryptographic block published by the routing blockchain network; and storing, by the processor, the one or more validated performance metrics in association with the routing nodes in the information storage device.
9. The method of claim 8, wherein the routing blockchain network comprises two or more ledger nodes in the network cluster, wherein the routing node information proposal further comprises a universally unique identifier (UUID) that identifies the network cluster, wherein the ledger nodes validate the routing node information proposal and publish a cryptographic block comprising a hashed version of the routing node information proposal and the UUID.
10. The method of claim 9, wherein the routing blockchain network comprises a network of ledger nodes that are not members of the network cluster, the method further comprising: updating, by the processor, the one or more performance metrics stored in the information storage device by: sending, by the processor via the communication interface, a request to retrieve one or more blocks published by the routing blockchain network, the request comprising the UUID; wherein the processor receives only cryptographic blocks associated with the UUID from the routing blockchain network.
11. The method of claim 4, further comprising: receiving, by the processor via the communication interface, a request from a vagabond node to join the network cluster; determining, by the processor, one or more proximity metrics of the vagabond node; determining, by the processor, if the one or more proximity metrics meet or exceed one or more predetermined proximity metrics stored in the information the storage device; granting membership in the network cluster, by the processor, when at least one of the one or more proximity metrics of the vagabond node meet or exceed the one or more predetermined proximity metrics stored in the information the storage device.
12. The method of claim 11, wherein the one or more predetermined proximity metrics comprises an observability proximity metric, the observability proximity metric for defining a capability of the vagabond node to mask traffic streams from being observed by unauthorized third parties.
13. A node of an ad-hoc network cluster, comprising: a processor; a communication interface for sending and receiving information to other nodes; wherein the processor is coupled to the communication interface; a non-transitory information storage device for storing processor-executable instructions and one or more routing conditions associated with a particular resource, the one or more routing conditions defining one or more characteristics of any router nodes in a routing path to be determined between the source node and a destination node coupled to the particular resource; the non-transitory information storage device comprising processor-executable instructions, when executed by the processor of the node, causes the processor of the node to perform the steps of: sending, by the processor via the communication interface, an ad-hoc route request to a manager node of the network cluster, the ad-hoc route request comprising the one or more routing conditions; receiving, by the processor via the communication interface, a proposed routing path from the manager node, the proposed routing path comprising an identification of one or more routing nodes in a routing path from the source node to a particular destination node coupled to the resource, each of the one or more routing nodes meeting or exceeding the one or more routing conditions; sending, by the processor via the communication interface, a route validation message to the particular destination node via the one or more routing nodes identified in the proposed routing path; receiving, by the processor via the communication interface, a response message from the particular destination node via the one or more routing nodes identified in the proposed routing path, the response message cryptographically signed by each of the one or more routing nodes identified in the proposed routing path; verifying, by the processor, that the response message was cryptographically signed by each of the one or more routing nodes identified in the proposed routing path; and sending or receiving, by the processor via the communication interface, a traffic stream to/from the particular destination node via the one or more routing nodes identified in the proposed routing path when the response message was cryptographically signed by each of the one or more routing nodes identified in the proposed routing path.
14. The node of claim 13, wherein the proposed routing path from the manager node is determined by comparing the one or more routing conditions to one or more performance metrics of routing nodes in the cluster.
15. The node of claim 13, comprising further processor-executable instructions that cause the processor of the node to perform the steps of: sending, by the processor via the communication interface, an authorization request for the source node to access the particular resource; and in response to sending the authorization request, receive, by the processor via the communication interface, an authorization event associated with the particular resource from a blockchain authorization network, the authorization event comprising the one or more routing conditions required for the routing nodes to forward the traffic stream related to the particular resource.
16. A manager node of a network cluster, comprising: a communication interface for sending and receiving information to other nodes; wherein the processor is coupled to the communication interface; a non-transitory information storage device for storing processor-executable instructions and one or more routing conditions associated with a particular resource, the one or more routing conditions defining one or more characteristics of any router nodes in a routing path to be determined between a source node and a destination node coupled to the particular resource; the non-transitory information storage device comprising processor-executable instructions, when executed by the processor of the manager node, causes the processor of the manager node to perform the steps of: receiving, by the processor via the communication interface, a route request message from a source node of the network cluster; determining, by the processor, a proposed routing path between the source node and a destination node based on a comparison of routing node performance metrics stored by the non-transitory information storage device and the one or more routing conditions; and sending, by the processor via the communication interface, the proposed routing path to the source node for verification of the proposed routing path.
17. The manager node of claim 16, wherein the route request message comprises the one or more routing conditions.
18. The manager node of claim 16, wherein the route request message comprises an identification of the particular resource, wherein the processor-executable instructions further comprise instructions that cause the processor of the manager node to perform the step of: retrieving, by the processor via the communication interface, an authorization event from a blockchain authorization network, the authorization event comprising one or more conditions for accessing the particular resource, the one or more conditions comprising the one or more routing conditions.
19. The manager node of claim 18, wherein the authorization event further comprises an identification of the particular destination node.
20. The manager node of claim 16, wherein the processor-executable instructions further comprise instructions that cause the processor of the manager node to perform the steps of: tracking, by the processor, one or more performance metrics associated with routing nodes in the network cluster; storing, by the processor, the one or more performance metrics in the information storage device in association with the routing nodes in the network cluster, respectively; sending, by the processor, a routing node information proposal, the routing node information proposal comprising a request to validate the one or more performance metrics stored in the information storage device by a routing blockchain network; receiving, by the processor, one or more validated performance metrics associated with the routing nodes in the network cluster from a cryptographic block published by the routing blockchain network; and storing, by the processor, the one or more validated performance metrics in association with the routing nodes in the information storage device.
21. The manager node of claim 20, wherein the routing blockchain network comprises two or more ledger nodes in the network cluster, wherein the routing node information proposal further comprises a universally unique identifier (UUID) that identifies the network cluster, wherein the ledger nodes validate the routing node information proposal and publish a cryptographic block comprising a hashed version of the routing node information proposal and the UUID.
22. The manager node of claim 21, wherein the routing blockchain network comprises a network of ledger nodes that are not members of the network cluster, wherein the processor-executable instructions further comprise instructions that cause the processor of the manager node to perform the steps of: updating, by the processor, the one or more performance metrics stored in the information storage device by: sending, by the processor via the communication interface, a request to retrieve one or more blocks published by the routing blockchain network, the request comprising the UUID; wherein the processor receives only cryptographic blocks associated with the UUID from the routing blockchain network.
23. The manager node of claim 16, wherein the processor-executable instructions further comprise instructions that cause the processor of the manager node to perform the steps of: receiving, by the processor via the communication interface, a request from a vagabond node to join the network cluster; determining, by the processor, one or more proximity metrics of the vagabond node; determining, by the processor, if the one or more proximity metrics meet or exceed one or more predetermined proximity metrics stored in the information the storage device; granting membership in the network cluster, by the processor, when at least one of the one or more proximity metrics of the vagabond node meet or exceed the one or more predetermined proximity metrics stored in the information the storage device.
24. The manager node of claim 23, wherein the one or more predetermined proximity metrics comprises an observability proximity metric, the observability proximity metric for defining a capability of the vagabond node to mask traffic streams from being observed by unauthorized third parties.
April 26, 2022